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REMARKS/ARGUMENTS 



PATENT 



Prior to the entry of this Amendment, claims 1, 7-14, 16, 20-25, 27, 31-36, 38, 39, 
41-44, 46-49, and 51-53 were pending in this application. Claims 1, 9, 16, 21, 27, 32, 38, 43, 48, 
and 53 have been amended, claim 8 has been canceled, and claim 54 has been added herein. 
Therefore, claims 1, 7, 9-14, 16, 20-25, 27, 31-36, 38, 39, 41-44, 46-49, and 51-54 are now 
pending in this application. Applicants request reconsideration of these claims for at least the 
reasons presented below. 

35 U.S.C. $ 102 Rejection, Hardy 

The final Office Action rejected claims 1, 7-14, 16, 20-25, 27, 31-36, 38, 39, 41- 
44, 46-49, and 51-53 under 35 U.S.C. § 102(e) as being anticipated by U. S. Patent No. 6,073,242 
to Hardy et al. (hereinafter "Hardy"). The Applicants respectfully submit the following 
arguments pointing out significant differences between claims 1, 7-14, 16, 20-25, 27, 31-36, 38, 
39, 41-44, 46-49, and 51-53 submitted by the Applicant and Hardy. 

"A claim is anticipated only if each and every element as set forth in the claim is 
found, either expressly or inherently described, in a single prior art reference." MPEP 2131 
citing Verdegaal Bros. v. Union Oil Co. of California, 814 F.2d 628, 631, 2 USPQ2d 1051, 
1053 (Fed. Cir. 1987). Applicant respectfully argues that Hardy fails to disclose each and every 
claimed element. For example. Hardy fails to disclose, either expressly or inherently, a first 
workflow which calls for obtaining an approval before performing a certificate related action for 
users having a flrst user type and a second workflow which does not call for obtaining an 
approval before performing a certiflcate related action_for users having a second user type. 
Hardy also fails to disclose obtaining an approval from an entity identified in a user profile for 
the user and obtaining a certificate based on that approval. 
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Hardy is directed to "an authority server that supports the implementation of role- 
based enterprise policies for expressing and exercising authority and the projection and transfer 
of those authorities over networks of communicating electronic systems." (Col. 3, line 23-27) 
Under Hardy, "the authority server exclusively embodies the authorities of the enterprise and 
allows its users to indirectly wield those authorities only as permitted by enterprise policies." 
(Col. 3, lines 28-31) That is, Hardy describes issuing representations of authority based on 
application of enterprise pohcies. See generally col. 3, line 23 - col. 4, line 51. 

However, Hardy fails to disclose, either expressly or inherently, a first workflow 
which calls for obtaining an approval before performing a certificate related action for users 
having a first user type and a second workflow which does not call for obtaining an approval 
before performing a certificate related action_for users having a second user type. Hardy also 
fails to disclose such an entity identified in a user profile for the user. Hardy does not disclose 
one of the workflows requiring approval for a certificate action while another does not. That is. 
Hardy does not disclose, expressly or inherently, selecting workflows that handle certificate 
related requests differently, i.e., requiring or not requiring approval from an entity associated 
with a requesting user, based on the type of user requesting the action. Rather, Hardy describes 
issuing representations of authority based on a set of enterprise policies but without mentioning 
obtaining approval from an entity associated with the requestor, identified in an identity profile 
for the requestor or otherwise. 

In response to these arguments, the final Office Action contends that the 
"arguments fail to comply with 37 CFR 1.1 1 1(b) because they amount to a general allegation 
that the claims define a patentable invention without specifically pointing out how the language 
of the claims patentably distinguishes them from the references." The final Office Action further 
contends that "Applicant's arguments begins with a list of limitations which the Apphcant 
alleges that Hardy fails to disclose," that "this listing fails to include the exact language of the 
claims," but notes that the arguments provide "a verbatim recitation of the list of limitations 



OID-2005-162-14 



Page 18 of 23 



Appl. No. 09/998,893 PATENT 
Amdt. dated July 1, 2009 
Amendment under 37 CFR 1.114 
Request for Continued Examination 

appearing earlier on the page." While the Applicants respectfully submit that the provided claim 
recitations to which the Office Action seems to object do in fact specifically point out the 
language of the claims that patentably distinguishes them from the reference, the following 
additional comments are provided to further illustrate the differences between Hardy and the 
recitations of the pending claims. 

As noted above and to paraphrase the claim recitations, Hardy does not disclose, 
expressly or inherently, workflows for performing certiflcate related actions that either call for 
approval from an entity associated with the user and identified in a user profile for the user or do 
not call for approval depending upon the type of user as indicated by a user profile for the user. 
That is. Hardy does not disclose, expressly or inherently, selecting workfiows that handle 
certificate related requests differently, i.e., requiring or not requiring approval from an entity 
associated with a requesting user, based on the type of user requesting the action. In an effort to 
demonstrate selecting such different workfiows, the final Office Action cites col. 13, line 44 thru 
col. 14, line 25 of Hardy. This portion of Hardy recites in total: 

"The roles database 186 defines, among other things, mappings from: 
users to roles; 
users to authorities; 
roles to other roles; and 
roles to authorities. 

The roles database 186 also defines the term or date of expiration of the defined 
mappings. In the present invention specific users can have one or more defined 
roles within the enterprise, each of which is associated with other roles and/or 
particular authorities, explicitly or implicitly. FIG. 4 shows an instance of the 
roles database 186 for a hypothetical enterprise. Mappings from user names to 
roles/authorities are shown in the upper portion 186a and mappings from roles to 
roles/authorities are shown in the middle portion 186b. For clarity, mappings from 
external users and/or roles to internal roles and/or authorities are shown in the 
lower portion 186c. 

Referring to the top section 186a, the entry 186a.l shows that the user A. Hardy 
permanently fills the roles of President and Employee but is unavailable to 
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perform those duties from Jan. 1, 1998 to Feb. 1, 1998. According to the entry 
186a.2, the user M. Wills permanently fiUs the roles of CFO and Employee, and 
briefly (from Jan. 1, 1998 to Feb. 1, 1998), the Acting President role. The entry 
186a.3 shows that the user D. Tribble permanently flUs the roles of CTO (Chief 
Technical Officer) and Employee and also permanently holds Check Signing 
authority. Finally, the entry 186a.4 shows that the user N. Hardy permanently fills 
the role of Employee and no other role. 

Entry 186b.l of the middle portion 186b of the roles database shows that the 
President is authorized to fill other enterprise roles and to exercise other enterprise 
authorities, including CFO, CTO and Manager. For example, if the rules database 
188 required that the Manager of Accounting were the only person who could 
authorize a particular expenditure, the President could also authorize that 
expenditure. Moreover, because she is explicitly allowed to play the role of 
Employee, the President could issue a request to the authority apphcation 154 to 
send mail for her as a simple Employee of BigCorp. Note that the range of 
Presidential authority and roles could also be defined in the rules database 188. 
The entry 186b. 2 also shows that the CFO can fill the roles of Manager of 
Contracts or the VP of Accounting. This would, e.g., allow the CFO to represent 
herself as or exercise the authorities allotted to the Manger of Accounting. 
Similarly, entry 186b. 3 shows that the CTO can exercise the authorities of 
Manager in addition to those associated with the CTO role." 

That is, the mapping of users to authorities described in this portion of Hardy 
seems to describe a definition of permissions for performing particular tasks. The final Office 
Action seems to have identified the term "authority" in this portion of Hardy and seems to equate 
this to the entity associated with the user. For example, in regard to the claim recitation of 
"retrieving an approval response from the entity associated with the first user," the final Office 
Action cites col. 4, lines 11-18 and 23-45. This portion of Hardy states in part: 



"Over their secure, authenticated connections, clients can request that a specific 
authority be applied to their communication. Based on the authority associated or 
delegated to the user in the authority server and the policies established in the 
server's configuration, the server can then invoke appropriate authorities on behalf 
of the user, while enforcing enterprise policy (such as logging) on the invocations 
of those authorities." (Col. 4, lines 11-18) 
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The Applicants respectfully submit that rather than identifying another entity and 
obtaining from that entity an approval for a requested action, the "authority" of Hardy describes 
a permission, i.e., actions which a particular user has permission or authority to perform. 
Furthermore, to any extent that the element of Hardy that provides this authority, i.e., the 
authority server, can be considered another entity, the authority server is not identified in a user 
profile for the requesting user as recited, for example, in claim 1 . Therefore, the Applicants 
respectfully maintain that Hardy fails to disclose, expressly or inherently, workflows for 
performing certiflcate related actions that either call for approval from an entity associated with 
the user and identified in a user profile for the user or do not call for approval depending upon 
the type of user as indicated by a user profile for the user. 

More specifically, claim 1, upon which claims 2-15 and 54 depend, claim 16, 
upon which claims 17-26 depend, and claim 27, upon which claims 28-37 depend, each recite in 
part "retrieving by the Identity System a first workfiow for responding to said request from a 
plurality of workflows for responding to requests for certiflcate related actions, wherein each 
workfiow in said plurality of workflows corresponds to a different set of characteristics for a 
user, wherein the first workflow contains a flrst set of directives and a second workfiow in said 
plurality of workflows contains a second set of directives, wherein said first set of directives is 
different from said second set of directives, wherein said flrst workfiow calls for obtaining an 
approval before performing a certiflcate related action for users having a first user type, wherein 
said second workflow does not call for obtaining an approval before performing a certificate 
related action for users having a second user type, and wherein retrieving the flrst workflow 
further comprises selecting the first workflow from the plurality of workflows based on the first 
certiflcate related action and the a user type of the first user from a set of characteristics for the 
flrst user from an identity proflle for the flrst user maintained by the Identity System being the 
flrst user type; and performing said first workfiow, wherein performing said flrst workfiow 
comprises retrieving an approval response from an entity associated with the flrst user and 
identifled in the identity profile for the first user and obtaining a certiflcate based on the approval 
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response." Hardy fails to disclose, either expressly or inherently, Hardy fails to disclose, either 
expressly or inherently, a first workflow which calls for obtaining an approval before performing 
a certificate related action for users having a first user type and a second workflow which does 
not call for obtaining an approval before performing a certificate related action_for users having a 
second user type. Hardy also fails to disclose obtaining an approval from an entity identified in a 
user profile for the user and obtaining a certificate based on that approval. For at least these 
reasons, the Applicants respectfully request withdrawal of the rejection and allowance of claims 
1, 3-14, 16, 18-25, 27, 29-36, and 54. 



Claim 38, upon which claims 39-42 depend, claim 43, upon which claims 44-47 
depend, and claim 48, upon which claims 49-52 depend, each recite in part "retrieving a first 
workflow for responding to said first request from a plurality of workflows, wherein each 
workflow in said plurality of workflows corresponds to a different set of characteristics for a 
user, wherein said first workflow calls for obtaining an approval before performing a certificate 
related action for users having a first user type, wherein a second workflow of the plurality of 
workflows does not call for obtaining an approval before performing a certificate related action 
for users having a second user type, and wherein retrieving the first workflow for responding to 
said first request further comprises selecting the first workflow from the plurality of workflows 
based on the first certificate related action and a user type of the first user being the first user 
type; [and] performing said first workflow, wherein performing said first workflow comprises 
retrieving an approval response from the an entity associated with the first user and obtaining a 
certificate." Hardy fails to disclose, either expressly or inherently. Hardy fails to disclose, either 
expressly or inherently, a first workflow which calls for obtaining an approval before performing 
a certificate related action for users having a first user type and a second workflow which does 
not call for obtaining an approval before performing a certificate related action_for users having a 
second user type. Hardy also fails to disclose obtaining an approval from an entity identified in a 
user profile for the user and obtaining a certificate based on that approval. For at least these 
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reasons, the Applicants respectfully request withdrawal of the rejection and allowance of claims 
38-52. 

CONCLUSION 

In view of the foregoing, Applicants believe all claims now pending in this 
Application are in condition for allowance and an action to that end is respectfully requested. 

If the Examiner believes a telephone conference would expedite prosecution of 
this application, please telephone the undersigned at 303-571-4000. 

Dated: Julv 1. 2009 Respectfully submitted. 



/William J. Dalev/ 
William J. Daley 
Reg. No. 52,471 

TOWNSEND and TOWNSEND and CREW LLP 

Two Embarcadero Center, Eighth Floor 

San Francisco, California 941 1 1-3834 

Tel: 303-571-4000 (Denver office) 

Fax: 303-571-4321 (Denver office) 
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